Overnight Cybersecurity: Dem investigating Kushner's use of private email | Deloitte suffers breach | SEC under scrutiny for hack

Overnight Cybersecurity: Dem investigating Kushner's use of private email | Deloitte suffers breach | SEC under scrutiny for hack
© Getty

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...



--DELOITTE HIT BY HACKERS: Deloitte was hit with a cyberattack that allowed hackers access to company emails and possibly confidential client information, the Guardian reported Monday. A spokesman for the firm confirmed to The Hill in an email that Deloitte suffered a "cyber incident," saying that an attacker accessed data from an email platform. The company, which conducted a review of the breach, said that "very few clients were impacted" and concluded that "no disruption has occurred to client businesses, to Deloitte's ability to continue to serve clients, or to consumers." According to the Guardian, the hack was discovered in March, but hackers potentially had access to the company's systems as far back as October or November of 2016. Hackers are said to have compromised the company's system through an administrator account, which was secured by a password but did not have two-factor authentication in place. Hackers potentially had access to 5 million emails stored in the company's Azure cloud, which is managed by Microsoft. The breach may also have offered hackers access to usernames, passwords, IP addresses, business diagrams and other sensitive information. News of the hack comes two weeks after credit reporting firm Equifax acknowledged a breach that may have affected up to 143 million Americans, an incident that has put the spotlight on cyber threats to major private sector entities.

To read the rest of our piece, click here.


--DHS NOTIFIES STATES OF RUSSIAN HACKING ATTEMPTS: The Department of Homeland Security (DHS) notified 21 states Friday that Russia attempted to hack their election systems before the 2016 election. In the majority of the states, the Department of Homeland Security only saw preparations for hacking, like scanning to find potential modes for attack. Voting machines are not connected to the internet and cannot be scanned in this way, but other systems, including those housing voter rolls, can be. "As part of our ongoing information sharing efforts, today DHS notified the Secretary of State or another chief election officer in each state of any potential targeting we were aware of in their state leading up to the 2016 election. We will continue to keep this information confidential and defer to each state whether it wishes to make it public or not," DHS said in a statement. The Wisconsin Elections Commission, took the DHS up on that offer, announcing that it was one of the states notified by DHS. Wisconsin officials said their internet-facing systems were among those scanned by Russia but Russia did not hack or in any way impact any of its machines. Illinois and Arizona announced before the election that voter rolls connected to the internet had been hacked by Russia. Alabama, California, Colorado, Florida, Minnesota and Washington also confirmed to The Hill they had been targeted. Lawmakers are raising questions about why DHS took so long to notify states. "It's unacceptable that it took almost a year after the election to notify states that their elections systems were targeted, but I'm relieved that DHS has acted upon our numerous requests and is finally informing the top elections officials in all 21 affected states that Russian hackers tried to breach their systems in the run up to the 2016 election," said Sen. Mark WarnerMark Robert WarnerHillicon Valley: Senate bill would force companies to disclose value of user data | Waters to hold hearing on Facebook cryptocurrency | GOP divided on election security bills | US tracking Russian, Iranian social media campaigns Ex-Obama counterterrorism official: Huawei could pose security threat to international intelligence community Bipartisan senators to introduce bill forcing online platforms to disclose value of user data MORE (D-Va.), the top Democrat on the Intelligence Committee, in a statement. DHS officials previously testified before Congress about evidence that Russia targeted election-related systems in 21 states.

To read the rest of our piece, click here.

--KUSHNER USED PRIVATE EMAIL TO CONDUCT GOVERNMENT BUSINESS: The issue of personal email use for government business has re-emerged, but this time, it's not Hillary ClintonHillary Diane Rodham ClintonBiden to debate for first time as front-runner Top Trump ally says potential Amash presidential bid could be problematic in Michigan Chaotic Trump transition leaks: Debates must tackle how Democrats will govern differently MORE in the spotlight. Politico reported over the weekend that Jared Kushner, President Trump's son-in-law turned senior adviser, has engaged with other White House officials about government matters using a personal email account that he set up during the presidential transition. Kushner also uses an official White House email account. The revelation has already triggered action by congressional Democrats. On Monday, Rep. Elijah Cummings (D-Md.), the top Democrat on the House Oversight and Government Reform Committee, launched a probe into Kushner's use of private email. Cummings sent a letter to Kushner requesting information on his private family domain and other non-government accounts on which he has conducted official business. The letter cited the "shock and outrage" with which Republicans reacted to Clinton's use of private email at the State Department. The issue came up at Monday's White House press briefing, during which press secretary Sarah Sanders declined to say whether the White House would release Kushner's personal emails. Meanwhile, a watchdog group said Monday that Ivanka Trump also used personal email for government business.

To read the rest of our coverage, click here and here.


A LEGISLATIVE UPDATE: SEC HEAD TO TESTIFY FOLLOWING BREACH: The Securities and Exchange Commission (SEC) is coming under fire in Washington after revealing a data breach that may have allowed hackers to profit from stolen insider information.

Jay Clayton, the SEC's new chairman, revealed late Wednesday that hackers breached its EDGAR corporate filing system last year by exploiting a software vulnerability. The incident was detected in 2016 but only recently found to have potentially provided a basis for illicit trading gains.

The breach, revealed less than two weeks after the massive breach of credit reporting firm Equifax, generated immediate scrutiny on Capitol Hill. Lawmakers warned of growing cyber threats to the financial industry, long a top target of hackers.

"The risks from cyber breaches continue to threaten consumers and our financial markets," Sen. Sherrod BrownSherrod Campbell BrownHouse panel to hold hearing on Facebook cryptocurrency project Democrats talk up tax credits to counter Trump law Facebook's new cryptocurrency raises red flags for critics MORE (D-Ohio) told The Hill on Friday. "We expect corporations that hold sensitive data to disclose information about breaches as soon as possible, and the SEC is no different."

The SEC intrusion has created an early test for Clayton, who was confirmed to his post in May.

Clayton will testify Tuesday before the Senate Banking Committee, on which Brown serves as the top Democrat, giving lawmakers a prime opportunity to question him about the beach. Reuters reported Monday that, according to Clayton's prepared testimony, he was only informed of the breach in August, three months after his confirmation.

Sen. Mark Warner (D-Va.), who sits on the committee, said that the SEC's revelation "shows that government and businesses need to step up their efforts to protect our most sensitive personal and commercial information."

Clayton issued a lengthy statement on Wednesday revealing that hackers gained access to nonpublic information held in EDGAR through the vulnerability, which the agency said it patched "promptly" after its discovery last year. This past August, the SEC learned that the information "may have provided the basis for illicit gain through trading" -- triggering the public disclosure this month.

While the investigation into the hack is ongoing, Clayton said that the agency has reason to believe "the intrusion did not result in unauthorized access to personally identifiable information, jeopardize the operations of the Commission, or result in systemic risk."

Many questions remain, including who was behind the breach, what data was stolen, when exactly hackers gained access to the filing system, and how long they had access.

Some in Washington are troubled that they are only now learning of the incident. Rep. Jim Langevin (D-R.I.) told The Hill that he was "very disappointed" to only have learned of the breach on Wednesday.

Warner signaled Thursday that he plans to question Clayton on the SEC's thresholds for requiring that companies disclose breaches.

To read the rest of our piece, click here.


A LIGHTER CLICK: Equinox, not Equifax.


A REPORT IN FOCUS: ISIS HACKERS LACK SOPHISTICATION: ISIS's cyber operations are not even as 'capable as many cybercriminal groups' and are far from the type of sophisticated threat countries face from other nations, according to new research.

Kyle Wilhoit, senior researcher at DomainTools, analyzed ISIS cyberattacks over the past two years. He presented his findings at this weekend's DerbyCon in Louisville, Kentucky.

"I started looking at [the Islamic State in Iraq and Syria] because I started to see media reports about their cyber capabilities and wanted to see how accurate they were," he told The Hill.

"I thought they would be a lot better."

ISIS's hacker corps have defaced a few websites, used rudimentary techniques to break into some web-facing databases and recently started to churn out their own malware.

However, notes Wilhoit, to security professionals, defacing websites is viewed as more akin to digital graffiti than a dangerous attack. Websites affected by the groups appear to be the easiest possible targets, ranging from the student union at the University of New Brunswick to local government sites, to WordPress blogs.

But while the defaced sites cause no additional damage, they can be very unnerving.

"Wake up freedom-loving Americans," Ohio State Treasurer Josh Mandel tweeted after the Ohio Department of Rehabilitation and Corrections website was hacked "Radical Islam infiltrating the heartland."

To read the rest of our piece, click here.


WHAT'S IN THE SPOTLIGHT: SOCIAL MEDIA GIANTS: Focus on Facebook, Twitter, and the investigations into Russian election interference is set to intensify this week. Representatives from Twitter are set to meet with Senate Intelligence Committee staffers. Facebook has also said that it will turn over information on political ads the company sold to Russia-linked groups in the lead up to the presidential election, information that has already been provided to special counsel Robert Mueller.

Facebook came under fire in Washington after revealing the ad purchases, which tallied roughly $100,000, earlier this month.

Sens. Mark Warner (D-Va.), the top Democrat on the Senate Intelligence Committee, and Amy KlobucharAmy Jean KlobucharRules for first Democratic primary debates announced Senate set to bypass Iran fight amid growing tensions Sanders unveils student debt plan amid rivalry with Warren MORE (D-Minn.) are looking to propose legislation that would boost transparency for online political ads by requiring digital platforms to keep public records of groups or individuals who make ad buys over a certain threshold. Facebook CEO Mark Zuckerberg said last week that the company would move to enhance transparency of political ads.

"At the end of the day, this is really about the public's need to know, both the source of the content that's coming at them from a political context, and to be assured that if a series of individuals are liking a certain story or liking a certain account, that those individuals are actually who they represent themselves to be, not Russian agents, for example," Warner during a Sunday appearance on CNN.

Meanwhile, the Washington Post reported over the weekend that President Obama warned Zuckerberg about the threat of "fake news" in November following the presidential election.



Links from our blog, The Hill, and around the Web.

Alabama county officials paid ransom for stolen data. (The Hill)

Chelsea Manning barred from travel in Canada due to US conviction. (The Hill)

Trump allies see vindication in reports on Manafort wiretapping. (The Hill)

Investor group seeks probe into SEC hack. (The Hill)

Trump vacancy raises consternation with Europe. (The Hill)

White House announces new tech jobs initiative. (The Hill)

Roger Stone to testify before House Intelligence Committee. (Washington Examiner)

Tossing out the Iran nuclear deal could incentivize Iranian hackers. (Politico)

China blocks smartphone messenger WhatsApp. (New York Times)

Researcher reveals exploit ahead of macOS High Sierra launch. (ZDNet)

The U.S. and Japan pledged to cooperate on cross-border data flows, cybersecurity. (State Department)

If you'd like to receive our newsletter in your inbox, please sign up here.